1 package org.eclipse.jetty.policy;
18 import java.io.File;
19 import java.security.KeyStore;
20 import java.security.Principal;
21 import java.security.cert.Certificate;
22 import java.security.cert.X509Certificate;
23 import java.util.HashMap;
24 import java.util.Map;
25
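/**
 * Holds the values used to expand placeholders in policy text.
 *
 * <p>Two placeholder forms are handled by {@link #evaluate(String)}:
 * <ul>
 * <li><code>${name}</code> is replaced by a property registered on this context or,
 * failing that, by the JVM system property of the same name;</li>
 * <li><code>${{self}}</code> and <code>${{alias:name}}</code> are replaced by a textual
 * rendering of the configured principals, or of the subject of the certificate stored
 * under <code>name</code> in the configured keystore.</li>
 * </ul>
 *
 * <p>The expanded text is built by plain string concatenation. Property values,
 * principal names and certificate subjects are inserted verbatim, so whoever controls
 * those values controls part of the resulting policy text.
 */
public class PolicyContext
{
    /**
     * Upper bound on <code>${name}</code> substitutions in one {@link #evaluate(String)} call.
     * Substituted values are scanned again, so a property whose value refers back to itself
     * would otherwise keep the loop running forever.
     */
    private static final int MAX_EXPANSIONS = 1000;

    private final Map<String, String> properties = new HashMap<String, String>();

    private Principal[] principals;
    private KeyStore keystore;

    /**
     * Creates a context in which the property <code>/</code> maps to the platform file separator.
     */
    public PolicyContext()
    {
        properties.put( "/", File.separator );
    }

    /**
     * Registers a single property, replacing any previous value stored under the same name.
     *
     * @param name property name as it appears between <code>${</code> and <code>}</code>
     * @param value replacement text
     */
    public void addProperty( String name, String value )
    {
        this.properties.put( name, value );
    }

    /**
     * Adds every entry of the given map to the properties already held; existing entries
     * with other names are kept.
     *
     * @param properties entries to merge in; must not be null
     */
    public void setProperties( Map<String,String> properties )
    {
        this.properties.putAll( properties );
    }

    /**
     * @return the keystore consulted for <code>${{alias:name}}</code>, or null if none was set
     */
    public KeyStore getKeystore()
    {
        return keystore;
    }

    /**
     * @param keystore the keystore consulted for <code>${{alias:name}}</code>
     */
    public void setKeystore( KeyStore keystore )
    {
        this.keystore = keystore;
    }

    /**
     * @return the principal array as stored (the internal array itself, not a copy), or null
     */
    public Principal[] getPrincipals()
    {
        return principals;
    }

    /**
     * Sets the principals rendered for <code>${{self}}</code>. The array is stored by
     * reference, so later changes made to it by the caller are visible here.
     *
     * @param principals principals to expand <code>${{self}}</code> to
     */
    public void setPrincipals( Principal[] principals )
    {
        this.principals = principals;
    }

    /**
     * Expands all placeholders in the given text: first the <code>${{...}}</code> forms,
     * then the <code>${name}</code> properties.
     *
     * <p>Text produced by a substitution is scanned again, so a property value may itself
     * contain <code>${name}</code> references. This also applies to principal names and
     * certificate subjects inserted by the first pass.
     * NOTE(review): confirm that expanding property references inside those names is intended.
     *
     * @param s text to expand; may be null
     * @return the expanded text, or null when <code>s</code> is null
     * @throws PolicyException if a <code>${{...}}</code> form cannot be resolved, if a
     *         referenced property is not defined, or if the substitution limit is exceeded
     */
    public String evaluate(String s) throws PolicyException
    {
        s = processProtocols( s );

        int expansions = 0;

        while ( s != null )
        {
            int start = s.indexOf( "${" );
            if ( start < 0 )
            {
                break;
            }

            int end = s.indexOf( "}", start + 2 );
            if ( end < 0 )
            {
                // unterminated placeholder: leave the remaining text untouched
                break;
            }

            if ( ++expansions > MAX_EXPANSIONS )
            {
                // a self-referencing property never converges; fail instead of spinning
                throw new PolicyException( "too many property expansions, possible self-referencing property" );
            }

            String name = s.substring( start + 2, end );

            // System.getProperty rejects an empty key with an unchecked exception, so an
            // empty name is treated as undefined here
            String property = name.length() == 0 ? null : getProperty( name );
            if ( property == null )
            {
                // concatenating null would put the literal text "null" into the policy
                throw new PolicyException( "undefined property: " + name );
            }

            s = s.substring( 0, start ) + property + s.substring( end + 1 );
        }

        return s;
    }

    /**
     * Replaces each <code>${{protocol}}</code> or <code>${{protocol:data}}</code> occurrence
     * with the value produced by {@link #resolve(String, String)}.
     *
     * <p>The target is split at its first colon only, so <code>data</code> may contain
     * colons and a target ending in a colon yields empty data. Scanning resumes after the
     * inserted text, so a resolved value is not searched for further <code>${{...}}</code>
     * forms.
     *
     * @param s text to expand; may be null
     * @return the text with all complete <code>${{...}}</code> forms replaced
     * @throws PolicyException if a form cannot be resolved
     */
    private String processProtocols( String s ) throws PolicyException
    {
        int from = 0;

        while ( s != null )
        {
            int start = s.indexOf( "${{", from );
            if ( start < 0 )
            {
                break;
            }

            int end = s.indexOf( "}}", start + 3 );
            if ( end < 0 )
            {
                break;
            }

            String target = s.substring( start + 3, end );
            int colon = target.indexOf( ':' );

            String property;
            if ( colon >= 0 )
            {
                property = resolve( target.substring( 0, colon ), target.substring( colon + 1 ) );
            }
            else
            {
                property = resolve( target, null );
            }

            s = s.substring( 0, start ) + property + s.substring( end + 2 );

            // continue behind the inserted value rather than re-reading it
            from = start + property.length();
        }

        return s;
    }

    /**
     * Looks up a property, preferring values registered on this context over JVM system
     * properties. Because of the fallback, any readable system property can be pulled
     * into expanded policy text by name.
     *
     * @param name property name
     * @return the registered value (which may be null if null was registered), otherwise
     *         the system property value, or null if neither exists
     */
    public String getProperty(String name)
    {
        if ( properties.containsKey( name ) )
        {
            return properties.get( name );
        }

        return System.getProperty( name );
    }

    /**
     * Produces the replacement text for one <code>${{protocol:data}}</code> form.
     *
     * @param protocol <code>self</code> or <code>alias</code>
     * @param data for <code>alias</code>, the keystore alias; unused for <code>self</code>
     * @return the rendered principal text
     * @throws PolicyException if the protocol is unknown, no principals are set for
     *         <code>self</code>, or the alias cannot be resolved to an X.509 certificate
     */
    private String resolve( String protocol, String data ) throws PolicyException
    {
        if ( "self".equals( protocol ) )
        {
            if ( principals == null || principals.length == 0 )
            {
                throw new PolicyException( "self can not be expanded, missing principals" );
            }

            StringBuilder sb = new StringBuilder();
            for ( Principal principal : principals )
            {
                appendPrincipal( sb, principal );
            }
            return sb.toString();
        }

        if ( "alias".equals( protocol ) )
        {
            if ( keystore == null || data == null )
            {
                // no keystore configured, or "${{alias}}" written without an alias name
                throw new PolicyException( "alias can not be expanded: " + data );
            }

            Certificate cert;
            try
            {
                cert = keystore.getCertificate( data );
            }
            catch ( Exception e )
            {
                // NOTE(review): the cause is dropped because only the PolicyException(String)
                // constructor is visible from this file; chain e if a cause-taking one exists
                throw new PolicyException( "alias can not be expanded: " + data );
            }

            // checked outside the try block so this message is not replaced by the generic one
            if ( !( cert instanceof X509Certificate ) )
            {
                throw new PolicyException( "alias can not be expanded, bad cert" );
            }

            StringBuilder sb = new StringBuilder();
            appendPrincipal( sb, ( (X509Certificate) cert ).getSubjectX500Principal() );
            return sb.toString();
        }

        throw new PolicyException( "unknown protocol: " + protocol );
    }

    /**
     * Appends <code>ClassName "name" </code> for the given principal.
     *
     * <p>NOTE(review): the name is inserted without escaping. A name containing a double
     * quote would end the quoted string early in the generated text; confirm how the
     * consumer of this text parses it.
     */
    private static void appendPrincipal( StringBuilder sb, Principal principal )
    {
        sb.append( principal.getClass().getName() );
        sb.append( " \"" );
        sb.append( principal.getName() );
        sb.append( "\" " );
    }
}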